Crypto Company Hit For $400m

The world’s third largest crypto-currency firm Coinbase Global has said that a recent cyber attack will probably cost it around $400m (£301m). 

The firm was contacted by hackers who said they had gained access to customer information, obtained by making payments to Coinbase contractors and employees.

Breached data included names and contact information, partial social security and bank account identifiers, government identification images, and some corporate and account data. The disclosure prompted the firm's share price to fall by 4.1%.

The alleged cyber attacker, who demanded money to not disclose the information, appeared to bribe overseas Coinbase employees to obtain the files, the company said. “Criminals targeted our customer support agents overseas. They used cash offers to convince a small group of insiders to copy data in our customer support tools for less than 1% of Coinbase monthly transacting users.

“Their aim was to gather a customer list they could contact while pretending to be Coinbase, tricking people into handing over their crypto,” Coinbase said on their blog. The group then demanded $20m from Coinbase to keep it quiet, but it refused to pay the bribe and instead promised to refund every person who got scammed.

The cyber attack comes days before the US company is set to join the benchmark S&P 500 index, a landmark moment for the crypto industry. It also reflects how, as it grows, the industry has increasingly become a target for cyber criminals.

Following the attack, the exchange says that it will strengthen its internal data management processes and relocate some of its customer support operations to avoid similar incidents.

A report from research firm Chainalysis suggests funds stolen from crypto businesses totalled $2.2bn in 2024.

 Coinbase   |    BBC   |    Reuters     |   Coin Telegraph   |    MSN   |   9to5Mac   |   Chainalysis

You Might Also Read:

Biggest Data Breaches Of The Last 15 Years [extract]:


If you like this website and use the comprehensive 8,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Recent Ransomware Attacks Have Focused On Identity Gaps
Kill Switches Secretly Installed In Solar Panels »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DataVisor

DataVisor

DataVisor is a big data fraud detection and anti-money laundering solution.

Athena Dynamics

Athena Dynamics

Athena Dynamics focuses on Cyber Security, especially in Critical Information Infra-structure Protection and Enterprise IT Operation Management products and Services.

AlAnsari Technical Solutions (ATS)

AlAnsari Technical Solutions (ATS)

ATS is a Kuwait based company specialised in delivering hardware/software, Virtualisation, IP Telephony / Unified Communication, Networking and professional IT services and solutions.

Findings

Findings

Findings (formerly IDRRA) is a scalable AI powered assessment platform that streamlines security compliance across sectors, jurisdictions and regulatory frameworks.

Bright Machines

Bright Machines

Bright Machines delivers intelligent, software-defined manufacturing by bringing together our flexible factory robots with intelligent software, production data and machine learning.

Kindus

Kindus

Kindus is an IT security, assurance and cyber security risk management consultancy.

InfoSec Conferences

InfoSec Conferences

InfoSec Conferences is an online directory of infosec conferences. We list every single Information Security conference, event and seminar within every niche in Cybersecurity.

Canopius Group

Canopius Group

Canopius is a global specialty lines insurance and reinsurance company and one of the top 10 insurers in the Lloyd’s insurance market.

BridgingMinds Network

BridgingMinds Network

BridgingMinds Network is an industry leading best practices and IT security training provider in Singapore.

11:11 Systems

11:11 Systems

11:11 Systems synchronizes every aspect of network services for your business. Build your network with the industry’s most trusted expert skills.

Rolls-Royce Cybersecurity Technology Research Network

Rolls-Royce Cybersecurity Technology Research Network

Rolls-Royce has partnered with Purdue University and Carnegie Mellon University to create the Rolls-Royce Cybersecurity Technology Research Network.

The PenTesting Company

The PenTesting Company

The PenTesting Company is owned and operated by offensive security professionals. Penetration Testing is essentially all we do.

Intel Ignite

Intel Ignite

Intel Ignite is an internationally renowned acceleration program for early-stage deep tech startups.

Highen Fintech

Highen Fintech

Highen is a blockchain software development company with offices in the United States and development centers in India.

Tychon

Tychon

Tychon develops advanced enterprise endpoint management technology that enables commercial and government organizations to bridge the gap between security and IT operations.

Keystrike

Keystrike

Keystrike secures remote connections. Our technology ensures that commands made by an employee were physically made on their computer, rather than by a remote attacker.